Description
Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.
Published: 2026-04-27
Score: 7.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Hard‑coded credentials enabling unauthorized access to camera devices
Action: Immediate Patch
AI Analysis

Impact

Firmware in certain Milesight AIOT cameras contains hard‑coded credentials, allowing an attacker who can reach the device to log in without knowing a valid password. The flaw is identified as CWE‑798 and permits the unauthenticated user to access the management interface, modify configuration settings, capture video streams, or perform other privileged operations.

Affected Systems

Milesight AIOT camera models affected include MS‑C2964‑RFLPC, MS‑C2966‑RFLWPC, MS‑C2966‑X12RLPC, MS‑C2966‑X12RLVPC, MS‑C2972‑RFLPC, MS‑C5321‑FPE, MS‑C5361‑X12LPC, MS‑C5366‑X12LPC, MS‑C5366‑X12LVPC, MS‑C8477‑HPG1, MS‑C8477‑PC, MS‑CQxx31‑xxxG1, MS‑CQxx68‑xxxG1, MS‑CQxx72‑xxxG1, MS‑Cxx41‑xxxPE, MS‑Cxx52‑xxxPE, MS‑Cxx61‑xxxPE, MS‑Cxx62‑xxxG1, MS‑Cxx72‑xxxG1, MS‑Cxx75‑xxPD, MS‑Cxx83‑xPD, MS‑Nxxxx‑NxE, MS‑Nxxxx‑xxC, MS‑PMC8266‑FPE, MS‑PMC8266‑FGPE, MS‑SC211, MS‑SP111, MS‑TS2841‑X36TPC, MS‑TS2866‑X4TGPC, MS‑TS2966‑X12TPE, MS‑TS4441‑X36RE, and many related models within the MS‑Cxx and MS‑TS series.

Risk and Exploitability

The CVSS score of 7.7 indicates a high severity risk, while the EPSS score of less than 1% shows a low current probability of exploitation. The flaw is not listed in CISA KEV. Based on the description, it is inferred that an attacker must reach the camera through the network or local interface to use the embedded credentials and gain access. Once authenticated, the attacker can perform any action available to an authorized user, which could compromise confidentiality, integrity, and availability of the device.

Generated by OpenCVE AI on April 29, 2026 at 01:33 UTC.

Remediation

Vendor Solution

Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.  https://www.milesight.com/support/download/firmware MS-Cxx63-PD: Update to 51.7.0.77-r13 MS-Cxx64-xPD: Update to 51.7.0.77-r13 MS-Cxx73-xPD: Update to 51.7.0.77-r13 MS-Cxx75-xxPD: Update to 51.7.0.77-r13 MS-Cxx83-xPD: Update to 51.7.0.77-r13 MS-Cxx74-PA: Update to 3x.8.0.3-r13 MS-C8477-HPG1: Update to 63.8.0.4-r4  MS-C8477-PC: Update to 48.8.0.4-r4 MS-C5321-FPE: Update to 62.8.0.4-r6 MS-Cxx72-xxxPE: Update to 61.8.0.5-r2 MS-Cxx62-xxxPE: Update to 61.8.0.5-r2 MS-Cxx52-xxxPE: Update to 61.8.0.5-r2 MS-Cxx66-xxxPE: Update to 61.8.0.5-r2 MS-Cxx66-xxxGPE: Update to 61.8.0.5-r2 MS-Cxx61-xxxPE: Update to 61.8.0.5-r2 MS-Cxx67-xxxPE: Update to 61.8.0.5-r2 MS-Cxx71-xxxPE: Update to 61.8.0.5-r2 MS-Cxx41-xxxPE: Update to 61.8.0.5-r2 MS-Cxx76-PE: Update to 61.8.0.5-r2 MS-Cxx65-PE: Update to 61.8.0.5-r2 MS-Cxx66-xxxG1: Update to 63.8.0.5-r4 MS-Cxx62-xxxG1: Update to 63.8.0.5-r4 MS-Cxx72-xxxG1: Update to 63.8.0.5-r4 MS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2  MS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2 MS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2 MS-Nxxxx-NxE: Update to 7x.9.0.19-r6 MS-Nxxxx-xxC: Update to 7x.9.0.19-r6 MS-Nxxxx-xxE: Update to 7x.9.0.19-r6 MS-Nxxxx-xxG: Update to 7x.9.0.19-r6 MS-Nxxxx-xxH: Update to 7x.9.0.19-r6 MS-Nxxxx-xxT: Update to 7x.9.0.19-r6 PMC8266-FPE: Update to PO_61.8.0.4-r1 PMC8266-FGPE: Update to PO_61.8.0.4-r1 PM3322-E: Update to PI_61.8.0.3-r5 TS4466-X4RIPG1: Update to T_63.8.0.4-r4  TS5366-X12RIPG1: Update to T_63.8.0.4-r4 TS8266-X4RIPG1: Update to T_63.8.0.4-r4 TS4466-X4RIVPG1: Update to T_63.8.0.4-r4 TS4466-RFIVPG1: Update to T_63.8.0.4-r4 TS8266-X4RIVPG1: Update to T_63.8.0.4-r4 TS8266-RFIVPG1: Update to T_63.8.0.4-r4 TS4466-X4RIWG1: Update to T_63.8.0.4-r4 TS8266-X4RIWG1: Update to T_63.8.0.4-r4 TS5510-GVH: Update to T_47.8.0.4-r8 TS5510-GH: Update to T_47.8.0.4-r8 TS5511-GVH: Update to T_47.8.0.4-r8 TS2966-X12TPE: Update to T_61.8.0.4-r4 TS4466-X4RPE: Update to T_61.8.0.4-r4 TS5366-X12PE: Update to T_61.8.0.4-r4 TS8266-X4PE: Update to T_61.8.0.4-r4 TS2966-X12TVPE: Update to T_61.8.0.4-r4 TS4466-X4RVPE: Update to T_61.8.0.4-r4 TS5366-X12VPE: Update to T_61.8.0.4-r4 TS8266-X4VPE: Update to T_61.8.0.4-r4 TS4441-X36RPE: Update to T_61.8.0.4-r4 TS4441-X36RE: Update to T_61.8.0.4-r4 TS4466-X4RWE: Update to T_61.8.0.4-r4 TS8266-X4WE: Update to T_61.8.0.4-r4 MS-C2964-RFLPC: Update to T_45.8.0.3-r10 MS-C2972-RFLPC: Update to T_45.8.0.3-r10 MS-C2966-RFLWPC: Update to T_45.8.0.3-r10 TS2866-X4TPC: Update to T_45.8.0.3-r10 TS2866-X4TVPC: Update to T_45.8.0.3-r10 TS2866-X4TGPC: Update to T_45.8.0.3-r10 TS2841-X36TPC: Update to T_45.8.0.3-r10 TS2841-X36TPC/W: Update to T_45.8.0.3-r10 TS2867-X5TPC: Update to T_45.8.0.3-r10 TS2961-X12TPC: Update to T_45.8.0.3-r10 TS8266-FPC/P: Update to T_45.8.0.3-r10 MS-C2966-X12RLPC: Update to T_45.8.0.3-r10 MS-C2966-X12RLVPC: Update to T_45.8.0.3-r10 MS-C5366-X12LPC: Update to T_45.8.0.3-r10 MS-C5366-X12LVPC: Update to T_45.8.0.3-r10 MS-C5361-X12LPC: Update to T_45.8.0.3-r10 MS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5 SC211: Update to C_21.1.0.8-r5 SP111: Update to 52.8.0.4-r6 MS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX MS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX MS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX MS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX

OpenCVE Recommended Actions

  • Determine the exact Milesight model and the firmware revision currently running on each camera.
  • Download the firmware version specified by Milesight for that model from the vendor’s support site and flash the device with the updated firmware.
  • After rebooting the camera, set a new, strong administrative password to ensure future authenticated access requires a unique credential.

Generated by OpenCVE AI on April 29, 2026 at 01:33 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Milesight
Milesight ms-c2964-rflpc
Milesight ms-c2966-rflwpc
Milesight ms-c2966-x12rlpc
Milesight ms-c2966-x12rlvpc
Milesight ms-c2972-rflpc
Milesight ms-c5321-fpe
Milesight ms-c5361-x12lpc
Milesight ms-c5366-x12lpc
Milesight ms-c5366-x12lvpc
Milesight ms-c8477-hpg1
Milesight ms-c8477-pc
Milesight ms-cqxx31-xxxg1
Milesight ms-cqxx68-xxxg1
Milesight ms-cqxx72-xxxg1
Milesight ms-cxx41-xxxpe
Milesight ms-cxx52-xxxpe
Milesight ms-cxx61-xxxpe
Milesight ms-cxx62-xxxg1
Milesight ms-cxx62-xxxpe
Milesight ms-cxx63-pd
Milesight ms-cxx64-xpd
Milesight ms-cxx65-pe
Milesight ms-cxx66-fipkg1
Milesight ms-cxx66-rfipkg1
Milesight ms-cxx66-xxxg1
Milesight ms-cxx66-xxxgpe
Milesight ms-cxx66-xxxpe
Milesight ms-cxx66-xxxxgopc
Milesight ms-cxx67-xxxpe
Milesight ms-cxx71-xxxpe
Milesight ms-cxx72-fipkg1
Milesight ms-cxx72-rfipkg1
Milesight ms-cxx72-xxxg1
Milesight ms-cxx72-xxxpe
Milesight ms-cxx73-xpd
Milesight ms-cxx74-pa
Milesight ms-cxx75-xxpd
Milesight ms-cxx76-pe
Milesight ms-cxx83-xpd
Milesight ms-nxxxx-nxe
Milesight ms-nxxxx-xxc
Milesight ms-nxxxx-xxe
Milesight ms-nxxxx-xxg
Milesight ms-nxxxx-xxh
Milesight ms-nxxxx-xxt
Milesight pm3322-e
Milesight pmc8266-fgpe
Milesight pmc8266-fpe
Milesight sc211
Milesight sp111
Milesight ts2841-x36tpc
Milesight ts2841-x36tpc/w
Milesight ts2866-x4tgpc
Milesight ts2866-x4tpc
Milesight ts2866-x4tvpc
Milesight ts2867-x5tpc
Milesight ts2961-x12tpc
Milesight ts2966-x12tpe
Milesight ts2966-x12tvpe
Milesight ts4441-x36re
Milesight ts4441-x36rpe
Milesight ts4466-rfivpg1
Milesight ts4466-x4ripg1
Milesight ts4466-x4rivpg1
Milesight ts4466-x4riwg1
Milesight ts4466-x4rpe
Milesight ts4466-x4rvpe
Milesight ts4466-x4rwe
Milesight ts5366-x12pe
Milesight ts5366-x12ripg1
Milesight ts5366-x12vpe
Milesight ts5510-gh
Milesight ts5510-gvh
Milesight ts5511-gvh
Milesight ts8266-fpc/p
Milesight ts8266-rfivpg1
Milesight ts8266-x4pe
Milesight ts8266-x4ripg1
Milesight ts8266-x4rivpg1
Milesight ts8266-x4riwg1
Milesight ts8266-x4vpe
Milesight ts8266-x4we
Vendors & Products Milesight
Milesight ms-c2964-rflpc
Milesight ms-c2966-rflwpc
Milesight ms-c2966-x12rlpc
Milesight ms-c2966-x12rlvpc
Milesight ms-c2972-rflpc
Milesight ms-c5321-fpe
Milesight ms-c5361-x12lpc
Milesight ms-c5366-x12lpc
Milesight ms-c5366-x12lvpc
Milesight ms-c8477-hpg1
Milesight ms-c8477-pc
Milesight ms-cqxx31-xxxg1
Milesight ms-cqxx68-xxxg1
Milesight ms-cqxx72-xxxg1
Milesight ms-cxx41-xxxpe
Milesight ms-cxx52-xxxpe
Milesight ms-cxx61-xxxpe
Milesight ms-cxx62-xxxg1
Milesight ms-cxx62-xxxpe
Milesight ms-cxx63-pd
Milesight ms-cxx64-xpd
Milesight ms-cxx65-pe
Milesight ms-cxx66-fipkg1
Milesight ms-cxx66-rfipkg1
Milesight ms-cxx66-xxxg1
Milesight ms-cxx66-xxxgpe
Milesight ms-cxx66-xxxpe
Milesight ms-cxx66-xxxxgopc
Milesight ms-cxx67-xxxpe
Milesight ms-cxx71-xxxpe
Milesight ms-cxx72-fipkg1
Milesight ms-cxx72-rfipkg1
Milesight ms-cxx72-xxxg1
Milesight ms-cxx72-xxxpe
Milesight ms-cxx73-xpd
Milesight ms-cxx74-pa
Milesight ms-cxx75-xxpd
Milesight ms-cxx76-pe
Milesight ms-cxx83-xpd
Milesight ms-nxxxx-nxe
Milesight ms-nxxxx-xxc
Milesight ms-nxxxx-xxe
Milesight ms-nxxxx-xxg
Milesight ms-nxxxx-xxh
Milesight ms-nxxxx-xxt
Milesight pm3322-e
Milesight pmc8266-fgpe
Milesight pmc8266-fpe
Milesight sc211
Milesight sp111
Milesight ts2841-x36tpc
Milesight ts2841-x36tpc/w
Milesight ts2866-x4tgpc
Milesight ts2866-x4tpc
Milesight ts2866-x4tvpc
Milesight ts2867-x5tpc
Milesight ts2961-x12tpc
Milesight ts2966-x12tpe
Milesight ts2966-x12tvpe
Milesight ts4441-x36re
Milesight ts4441-x36rpe
Milesight ts4466-rfivpg1
Milesight ts4466-x4ripg1
Milesight ts4466-x4rivpg1
Milesight ts4466-x4riwg1
Milesight ts4466-x4rpe
Milesight ts4466-x4rvpe
Milesight ts4466-x4rwe
Milesight ts5366-x12pe
Milesight ts5366-x12ripg1
Milesight ts5366-x12vpe
Milesight ts5510-gh
Milesight ts5510-gvh
Milesight ts5511-gvh
Milesight ts8266-fpc/p
Milesight ts8266-rfivpg1
Milesight ts8266-x4pe
Milesight ts8266-x4ripg1
Milesight ts8266-x4rivpg1
Milesight ts8266-x4riwg1
Milesight ts8266-x4vpe
Milesight ts8266-x4we

Mon, 27 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Description Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.
Title Milesight Cameras Use of Hard-coded Credentials
Weaknesses CWE-798
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 7.7, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Milesight Ms-c2964-rflpc Ms-c2966-rflwpc Ms-c2966-x12rlpc Ms-c2966-x12rlvpc Ms-c2972-rflpc Ms-c5321-fpe Ms-c5361-x12lpc Ms-c5366-x12lpc Ms-c5366-x12lvpc Ms-c8477-hpg1 Ms-c8477-pc Ms-cqxx31-xxxg1 Ms-cqxx68-xxxg1 Ms-cqxx72-xxxg1 Ms-cxx41-xxxpe Ms-cxx52-xxxpe Ms-cxx61-xxxpe Ms-cxx62-xxxg1 Ms-cxx62-xxxpe Ms-cxx63-pd Ms-cxx64-xpd Ms-cxx65-pe Ms-cxx66-fipkg1 Ms-cxx66-rfipkg1 Ms-cxx66-xxxg1 Ms-cxx66-xxxgpe Ms-cxx66-xxxpe Ms-cxx66-xxxxgopc Ms-cxx67-xxxpe Ms-cxx71-xxxpe Ms-cxx72-fipkg1 Ms-cxx72-rfipkg1 Ms-cxx72-xxxg1 Ms-cxx72-xxxpe Ms-cxx73-xpd Ms-cxx74-pa Ms-cxx75-xxpd Ms-cxx76-pe Ms-cxx83-xpd Ms-nxxxx-nxe Ms-nxxxx-xxc Ms-nxxxx-xxe Ms-nxxxx-xxg Ms-nxxxx-xxh Ms-nxxxx-xxt Pm3322-e Pmc8266-fgpe Pmc8266-fpe Sc211 Sp111 Ts2841-x36tpc Ts2841-x36tpc/w Ts2866-x4tgpc Ts2866-x4tpc Ts2866-x4tvpc Ts2867-x5tpc Ts2961-x12tpc Ts2966-x12tpe Ts2966-x12tvpe Ts4441-x36re Ts4441-x36rpe Ts4466-rfivpg1 Ts4466-x4ripg1 Ts4466-x4rivpg1 Ts4466-x4riwg1 Ts4466-x4rpe Ts4466-x4rvpe Ts4466-x4rwe Ts5366-x12pe Ts5366-x12ripg1 Ts5366-x12vpe Ts5510-gh Ts5510-gvh Ts5511-gvh Ts8266-fpc/p Ts8266-rfivpg1 Ts8266-x4pe Ts8266-x4ripg1 Ts8266-x4rivpg1 Ts8266-x4riwg1 Ts8266-x4vpe Ts8266-x4we
cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2026-04-28T12:40:37.832Z

Reserved: 2026-03-12T17:51:09.903Z

Link: CVE-2026-27785

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-28T00:16:23.127

Modified: 2026-04-28T20:11:56.713

Link: CVE-2026-27785

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-29T01:45:26Z

Weaknesses